[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Review of draft-lior-radius-bandwidth-capability-00.txt
> I'm not opposed to 64-bit attributes, but introducing them is a
> major change to RADIUS.
64-bit attributes are already supported in existing RADIUS RFCs such as
RFC 3162.
> Not all platforms support 64-bit operations,
> making *full* implementation of 64-bit attributes problematic.
I don't think you need a 64-bit processor to handle a 64-bit RADIUS
attribute.
> My preference for the "issues & fixes" draft is to STRONGLY suggest
> that all new implementations always add Message-Authenticator to the
> packet. This avoids a number of attack vectors.
I think this makes sense. We should add this to "issues and fixes"
It will be trickier for RADIUS servers to require Message-Authenticator
for legacy applications, of course.
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>